Japanese Patent Application No. 8-243181
Japanese Patent Application date: September 13, 1996 
Applicant: Canon Inc. 
Inventor: Keiichi Iwamura 

[Claims] 

1. Communication equipment for conducting encryption/authentication 
communications of a layered construct in which a key belonging to a higher layer 
converts a key or data belonging to a lower layer, 

said equipment being provided with a means for setting communication quality 
such that quality of said encryption/authentication communications concerning a higher 
layer is higher than that concerning a lower layer. 

2. The communication equipment as defined in Claim 1 further provided with a 
means for optionally setting communication quality for each layer. 

3. A communication system comprising the communication equipment set forth 
in Claim 1 or 2. 

4. A communication system wherein quality of communication in Claim 1, 2 or 3 
is a parameter defined as a QOS in ATM communications. 

5. A communication method for conducting encryption/authentication 
communications of a layered construct in which a key belonging to a higher layer 
converts a key or data belonging to a lower layer, 

said method being provided with a means for setting communication quality such 
that quality of said encryption/authentication communications concerning a higher layer 
is higher than that concerning a lower layer. 

[Detailed explanation of the invention] 

The present invention pertains to communication equipment, system and method 
for transmitting information such as moving picture data, still picture data, voice data, 
computer data, etc. in a multimedia network. 

[Prior art] 

A B-ISDN (Broadband-Integrated Services Digital Network), which is expected 
to constitute a main communication infrastructure in the next generation, is a flexible 
network having a greater transmission capacity than existing ISDN and having 
capabilities of providing communication service of a requested transmission capacity 
(within a permissible range of a network resource). A B-ISDN owes its successful
delivery of such advanced services solely to the technology called ATM (Asynchronous
Transfer Mode). In ATM networks, as in packet-switched networks, data is carried in
cells of a fixed length, each provided with a header storing a label on which a
destination is written, so that an arbitrary speed can be handled; upon reading the
label, a switching facility conducts switching. Since a packet consists of cells of a fixed
length, high-speed synchronous communication can be conducted at a physical layer
level and an arbitrary transfer speed can be secured according to packet transmission
density.

In order to guarantee secure use of such a communication infrastructure, network 
security technology such as encryption, authentication, etc. is vital. As is publicly known, 
encryption and authentication can be performed by a common key cryptosystem wherein 
the same enciphering key is secretly shared by the sender and the recipient (which is
also referred to as a secret key cryptosystem, symmetric cryptosystem, conventional
cryptosystem, etc.) or a public key cryptosystem wherein one key, usually the
enciphering key, is made public and a different key, usually the deciphering key, is kept
secret (for the details of the respective cryptosystems, see "Contemporary
cryptography" co-written by Ikeno and Koyama and published by the Electronic 
Information Communication Congress in 1986). Further, various systems for securely 
distributing such keys have been proposed (see, for example, "Encryption and 
information security" co-written by Tsujii and Kasahara and published by Shokodo in 
1990). By utilizing the aforementioned techniques, secure data communications in the B- 
ISDN can be realized. 

[Problems to be solved by the invention] 

With a view to enhancing security in encryption/authentication communication 
such as described above, normally, hierarchically arranged keys as indicated in Fig. 6 are 
employed. However, since all data can be decrypted once an enciphering key is decoded, 
security needs to be enhanced by, for example, enciphering a key by means of another key
belonging to a higher layer or employing a plurality of keys for varying usage (for 
example, a signature key and an enciphering key) to simultaneously perform an 
encryption function and an authentication function. In this case, the encryption function 
may be replaced with a deciphering function, signature function, verification function, etc. 

In Fig. 6, a first key for key encryption is referred to as a master key and a key for 
directly enciphering data is referred to as a work key and the other keys are referred to as 
key encryption keys. Some of the key encryption keys including the master key are 
either distributed to users in advance or public keys accessible by anyone. In the 
meantime, some of the key encryption keys including the work key are either keys set for 
temporary usage by the sender, recipient or organization, etc. in charge of the keys or 
keys to be sent together with data in order to save time for retrieving keys or identifying 
the sender. 

Such keys are usually sent to the recipient together with and/or separately from 
enciphered data or data prefixed with signature. Thus, encryption/authentication 
communication involves not only data communication but also key communication, and 
it should be obvious that security of the communication concerning keys of higher layers 
of the hierarchy in Fig. 6 is more important than that concerning keys of lower layers, 
because if communication concerning a higher layer of the hierarchy is not reliable,
communication concerning any layers lower than that can hardly be considered to be 
reliable. However, in conventional communications, key information and data 
information concerning the higher layers is not distinguished from that concerning the 
lower layers; or even if they are differentiated according to location of information, etc., 
none of the conventional communication systems proposes differentiation of information 
on the basis of its significance.

[Means for solving the problems]

The present invention has been accomplished with a view to obviating the 
aforementioned problems of the prior art and provides communication equipment, system 
and method capable of conducting communications by utilizing information such as 
significance of data, service, etc. to be transmitted. 

In order to achieve the aforementioned object, the present invention pertains to an
encryption/authentication communication system for conducting
encryption/authentication communications of a layered construct where a key belonging
to a higher layer converts a key or data belonging to a lower layer to effectuate 
communications, said system being provided with a means for setting communication 
quality such that quality of said encryption/authentication communications concerning a 
higher layer is higher than that concerning a lower layer. 

[Embodiment 1] 

Hereafter, an embodiment of the present invention will be specifically explained 
with reference to the attached drawings. 

Since multimedia communication is conducted in a B-ISDN, the present 
embodiment allows different media to have different traffic characteristics. Therefore, 
different media require different QOS (Qualities of Service). In the case of ATM, cell 
transfer delay, cell delay variation, cell loss rate (CLR), etc. are defined as QOS 
parameters (further study is required for other parameters). 

"Delay" in this context means time that elapses between the instant at which data 
is transmitted and the instant at which the data is received, and "delay variation" means 
dispersion in cell transfer time due to congestion, etc. Since delay variation in image 
transmission causes fluctuation of the number of bits received during a certain period of 
time, it results in flicker on the screen unless the recipient side has sufficient buffer 
memory. Further, when delay becomes substantial in the case of transmission of 
conversational voice data, etc., an echo cancellation problem must be solved. On the 
contrary, when data to be transmitted is text data, etc., neither delay nor delay variation 
causes problems. Still further, cell loss rate (CLR) represents the ratio of the number of 
dropped cells divided by the total number of cells received. Thus, if CLR is high in the 
case of image transmission where data is continuously transmitted without checking their 
safe arrival at the recipient, a frame drops or noise arises and therefore, CLR affects 
communication quality substantially. It should be obvious that in data compression 
performed based on predictive coding such as MPEG, high CLR could lead to even more 
serious deterioration of image quality. Thus, the requirements for each QOS parameter
differ according to usage.

Between a user and the network, QOS requirements are set up as follows. A user 
requests a QOS class from a plurality of QOS classes provided by the network (a QOS 
class consisting of a combination of several QOS parameters) normally when a
connection is set up and a traffic contract is entered. At this time, the network determines 
whether the requested traffic does not exceed actual transmission capacity and also 
whether the requested QOS class can be secured, and if the network decides that the 
communication is viable, it informs a terminal accordingly and enters a communication 
mode. In the communication mode, the network maintains the requested QOS and 
guarantees the requested quality as long as the user observes the traffic contract. 

Further, various protocols (communication protocol) are specified for 
communications and a B-ISDN protocol is hierarchized as is indicated in Fig. 7 so that 
addition or change of various functions does not affect the whole. There is a specified 
data transmission agreement between layers. In Fig. 7, the physical layer corresponds to 
a protocol concerning physical media (specifications of a cable and connector, 
construction of a transmission frame, cell insertion, extract function, etc.) and the ATM 
layer corresponds to a protocol for handling multiplexing and exchange of cells common 
to all service. The asynchronous transfer mode adaptation layer (AAL) corresponds to a 
protocol for handling functions dependent on each service and has a plurality of protocols 
set corresponding to each service. The AAL absorbs addition and change of functions of 
the high layer dependent on each service so that it does not affect the basic functions of a 
B-ISDN system. Therefore, conversion of QOS requested by each service to QOS of the 
aforementioned ATM and reverse-conversion of the same is conducted at high layers 
including the AAL.

Thus, in a B-ISDN system, quality of communications can be designated by 
means of QOS. 

Therefore, the present embodiment is provided with a means for setting 
significance (quality) of QOS in accordance with the hierarchy shown in Fig. 6, i.e., a 
means for setting higher quality QOS in terms of cell loss rate, etc. for communications 
concerning higher layers than for communications concerning lower layers, whereby 
communications commensurate with significance of information of encryption / 
authentication communications can be realized. 

Fig. 1 is a flow chart describing an operation of the embodiment of the present 
invention. In the drawing, an example of a means for setting up a connection having 
QOS according to a layer comprises a QOS setting means for requesting/setting QOS and 
a QOS memory means for receiving information about a layer and storing a table of QOS 
corresponding to the layer. A control means such as a CPU, etc. controls the entire 
operation indicated in the flow chart of Fig. 1, including an operation for outputting 
information about a layer. Layer information K in Fig. 1 represents the total number of 
layers in the hierarchy in Fig. 6 and therefore, the highest layer is K, the second highest 
layer being K - 1 and so on. Thus, when a communication request occurs, the means 
shown in Fig. 1 requests and sets up a highest QOS on the assumption that the layer 
information is K. Using the thus established connection, the means conducts key 
encryption and authentication communications by means of the master key of the highest 
layer. Upon completion of the above key encryption and authentication communication, 
the means shown in Fig. 1 closes the connection. Then, the means decrements the layer 
information K by 1 and requests and sets up QOS corresponding to the decremented layer 
information. The means repeats the aforementioned operation until K becomes equal to 0. 
When there is a key that does not require the same communication as the master key 
requires, however, processing for opening/closing connection as well as
encryption/authentication communication is omitted. 

On the other hand, when there are no keys other than the master key that do not 
require communications, processing for determining if key communications is necessary 
is omitted. Further, if a few layers correspond to the same QOS, processing for 
opening/closing connection does not have to be repeated for each of the layers. Such a 
change in control as mentioned above can be easily made by changing programming of 
the control means. Further, the present invention can be implemented without the QOS 
memory means if QOS for each layer is programmed in advance. Still further, QOS need 
not rigidly be set for each layer and the present invention may be implemented by 
performing processing such as requesting the highest available QOS in the event of 
communications concerning the highest layer. Still further, QOS for communications 
concerning higher layers need not be of higher quality than those for communications 
concerning lower layers and may be set differently depending on how to set the QOS
memory means or how to program the QOS setting means. Since a series of
communications (spanning a plurality of connections) indicated in Fig. 1 are all related to 
one another, identifiers, etc. can be employed to differentiate communications from one 
another. 

The above is effective for connection-type communications wherein QOS is set at 
the stage for setting up communications. 

[Embodiment 2] 

A B-ISDN system provides not only various QOS but also various connection 
setting modes such as a connection mode wherein a connection is established prior to 
transmission of information, a connectionless mode wherein a connection is established
to transmit information at the time the information to be sent arises, etc. The aforementioned
embodiment 1 pertains to a connection mode communication service. The embodiment 2 
pertains to connectionless mode communication service wherein QOS can be changed in 
the midst of communications. 

Fig. 8 shows an example of a configuration of protocols for connectionless mode 
communication service. In the drawing, a CLNAP (Connectionless Network Access 
Protocol) layer is a part of the high layer shown in Fig. 7, where protocols for the 
connectionless mode communication service are implemented. Fig. 9 shows a format of 
a PDU (Protocol Data Unit) at the CLNAP layer. PDU represents a set of data 
designated in protocols at a specified layer whereas SDU represents a set of data 
transmitted by users of services at a specified layer. In this case, QOS is designated as 4- 
bit data in the header of PDU, which is generated in the CLNAP layer. PDU is turned 
into cells or synthesized at the AAL and ATM layers and transmitted via the physical 
layer. Therefore, in the connectionless mode communication service, QOS can be set for 
each PDU. 

Thus, according to the connectionless mode communication service protocol, 
different PDUs are generated at different layers (for different QOSs) and QOS 
corresponding to a layer of encrypted information contained in the PDU is set, whereby 
communications commensurate with significance of information (layer) can be realized. 
Such connectionless mode communications can be implemented by replacing
"connection" in Fig. 1 with "PDU". 

Fig. 3 is a conceptual diagram of the embodiment 2 of the present invention. The 
encryption means shown in Fig. 3 receives input data, encrypts the data and transmits the 
thus encrypted information to the QOS setting means and further transmits the layer 
information to the QOS memory means. It is assumed that a key for each user such as a 
master key, etc. is managed by a known key management means. If not (if, for example, 
a key is input through an external card, etc.), the key is input to the encryption means via 
communications, etc. In the meantime, a temporary key such as a work key, etc. is 
generated by using a known random number generator, operation means, etc. Further, 
encryption by means of the keys is conducted by a known encryption processing means 
and encrypted information output from the encryption processing means is sent to the 
QOS setting means. Since the order of use of the keys is determined in advance in such a 
manner as to correspond to the hierarchy of the keys, the control means provides to the 
encryption processing means a master key, etc. from the key management means (or 
external card, etc.) and a work key, etc. from the random number generator and operation 
means, etc. in compliance with the prescribed order of use of the keys, causes the 
encryption processing means to encrypt input data by using the keys (a work key, etc. 
may constitute data) and sends to the QOS memory means the order of the processing as 
layer information. 

The QOS memory means, which comprises a memory means for storing QOS 
corresponding to layer information in a table, provides the QOS setting means with QOS 
corresponding to the layer information input from the encryption means. The QOS 
setting means sets and outputs the QOS at a predetermined location and/or in a 
predetermined format as output data (predetermined information including the encrypted 
information). 

Next, the embodiment 2 with respect to the recipient side will be explained with 
reference to Fig. 4. 

It is assumed here that the recipient receives communications conducted by the 
means shown in Fig. 1. In Fig. 4, the QOS analysis means resolves the input data into the 
encrypted information and the layer information based on the location of prescribed 
information and format of an identification signal, etc. and sends them to the decoding 
means. If it transpires that the layer information concerns a layer managed by the key 
management means, the control means in the decoding means retrieves the key from the 
key management means, inputs the key to the decoding processing means and decodes 
the encrypted information. Further, if it transpires that the result of the decoding 
corresponds to information about a layer used as a key, the result of the decoding is 
temporarily stored in the key memory means. On the contrary, if it transpires that the 
layer information concerns a layer not managed by the key management means, the 
control means retrieves information constituting a key of the layer from the stored result 
of the decoding and inputs the retrieved information as a key to the decoding processing 
means, which decodes the encrypted information and outputs the thus decoded 
information. However, a key may be generated by the operation means based on the 
result of the decoding. Therefore, it is obvious that the QOS analysis means can be 
implemented by combining a processing means such as a CPU, DSP, etc. with a memory 
means such as RAM, etc., whereas the decoding processing means may be a known 
decoding processing means corresponding to the encryption processing means in the
embodiment 1 and the key management means may be a means similar to that of the 
embodiment 1 and the control means may be a processing means such as a CPU, DSP, 
etc. and further, the operation means may be a CPU, DSP, etc. 

Although the above explanation concerns encryption and decryption, encryption 
and decryption may be replaced by signature and verification respectively if 
authentication communications is also involved, whereby authentication communications 
commensurate with significance of keys can be implemented by employing the same 
means as in the case of encryption communications. Further, in the case of a system for 
conducting both sending and receiving, the means shown in Figs. 3 and 4 may be 
synthesized to prepare a means (program) since the components in Figs. 3 and 4 are 
similar. 

[Embodiment 3] 

The embodiments 1 and 2 represent means for implementing communications 
commensurate with significance of information in connection mode communication 
service and connectionless mode communication service respectively. In the present 
embodiment 3, a communication system including the embodiments 1 and 2 for 
implementing communications commensurate with significance of information will be 
specifically explained with reference to Fig. 5.

It is assumed here that the means of the embodiment 1 are incorporated in the
sender's terminal and/or the recipient's terminal in Fig. 5 and the number of layers K is 2
in the hierarchy of Fig. 6, i.e., there are only a master key and a work key. Further, a case 
where in the connection mode communication service, encryption and authentication 
processing concerning keys and data is performed according to the following ID-based 
key sharing system, will be explained below. 

[ID-based key sharing system] 

There is a center for managing the key distribution means. The center receives an 
identifier (ID) such as a name, telephone number, etc. of each entity, generates a secret 
key corresponding to the ID by using a secret algorithm inherent to the center and sends 
the thus generated secret key to each entity, whereby each entity calculates from the 
secret key and published ID of the other party of its communications an encryption key to 
be shared by the entity and the other party. This system is referred to as an ID-based key 
sharing system, according to which identification of a communication party and key 
sharing can be simultaneously conducted. 

The ID-based key sharing system can be divided into two systems, that is, a 
system that requires spare communications prior to encryption communications and a 
system that does not require spare communications. The system that requires spare 
communications cannot be used like an e-mail system, etc. where only messages are 
encrypted to be transmitted. On the other hand, a system that does not require spare 
communications can be used like an e-mail system and therefore is more extensibly 
applicable. However, if many entities conspire in the system that does not require spare 
communications, the center's secret could be divulged. As a system that requires spare 
communications, a key distribution system by Okamoto (Sakae) is known well, whereas 
as a system that does not require spare communications, a key distribution system by
Matsumoto and Imai is well known (as for the details of the system, see Chapter 4 of
"Encryption and information security" co-authored by Tsujii and Kasahara, published by
Shokodo in 1990). Hereafter, the key distribution system by Okamoto (Sakae) will be
explained as an example of a system that requires spare communications.

<Key distribution system by Okamoto (Sakae)>

1) A center makes RSA encryption public, which is one of the public key cryptosystems,
as a unidirectional function. In other words, two prime numbers p and q and a decoding
key d are kept secret whereas $n = p \cdot q$ and the encryption key e
($e \cdot d \equiv 1 \bmod (p - 1)(q - 1)$) are made public. A source element g of the
finite fields GF(p) and GF(q) is also made public.

2) At the time of subscription to a network, each user j registers his (her) own identifier
$ID_j$ at the center and the center calculates and sends $S_j = ID_j^{d} \bmod n$ to the
user j. The user j keeps $S_j = ID_j^{d} \bmod n$ secret.

3) When user A and user B share a key, the following communications and calculations i
to iv are conducted.

i. The user A arbitrarily chooses random number $k_A$ and sends
$C_A = S_A \cdot g^{k_A} \bmod n$ to the user B.

ii. The user B arbitrarily chooses random number $k_B$ and sends
$C_B = S_B \cdot g^{k_B} \bmod n$ to the user A.

iii. The user B calculates $y = (C_A^{e} / ID_A)^{k_B} \bmod n$
$(= g^{e \cdot k_A \cdot k_B} \bmod n)$.

iv. The user A calculates $y = (C_B^{e} / ID_B)^{k_A} \bmod n$
$(= g^{e \cdot k_A \cdot k_B} \bmod n)$.

4) The users A and B conduct encryption communications, using y as a shared key.
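
The exchange in steps 1) to 4), carried through in Python as an added example (not part of the patent text). The primes, g, e, the integer identifiers and all function names are constructed toy values and hypothetical names; the second run shows that a party holding a secret issued for a different identifier does not arrive at the key the other side computes.

```python
# Added example: ID-based key sharing as in steps 1) to 4), with toy parameters.
import secrets

def center_setup(p, q, e):
    """Step 1: the center keeps p, q and d secret and publishes n and e."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))    # e*d = 1 mod (p-1)(q-1)
    return n, d

def issue_secret(identity, d, n):
    """Step 2: S_j = ID_j^d mod n, handed to user j at subscription."""
    return pow(identity, d, n)

def first_message(S_own, g, n, k=None):
    """Steps 3-i / 3-ii: choose a random k and send C = S * g^k mod n."""
    if k is None:
        k = secrets.randbelow(n - 2) + 1
    return k, (S_own * pow(g, k, n)) % n

def shared_key(C_peer, id_peer, k_own, e, n):
    """Steps 3-iii / 3-iv: y = (C_peer^e / ID_peer)^k_own mod n."""
    # C^e = ID * g^(e*k), so dividing by the claimed ID leaves g^(e*k_peer)
    # only when the peer's secret S really belongs to that ID.
    unmasked = (pow(C_peer, e, n) * pow(id_peer, -1, n)) % n
    return pow(unmasked, k_own, n)

# Constructed toy parameters: 5 is a primitive root modulo both 23 and 47.
P, Q, E, G = 23, 47, 3, 5
N, D = center_setup(P, Q, E)
ID_A, ID_B, ID_M = 101, 202, 303         # constructed integer identifiers, coprime to N

def run_exchange(id_claimed, S_initiator, id_responder, S_responder, k_i=None, k_r=None):
    """Run step 3 between an initiator claiming id_claimed and a responder.

    Returns (key computed by the initiator, key computed by the responder).
    """
    k_i, C_i = first_message(S_initiator, G, N, k_i)
    k_r, C_r = first_message(S_responder, G, N, k_r)
    y_responder = shared_key(C_i, id_claimed, k_r, E, N)
    y_initiator = shared_key(C_r, id_responder, k_i, E, N)
    return y_initiator, y_responder

if __name__ == "__main__":
    S_A, S_B, S_M = (issue_secret(i, D, N) for i in (ID_A, ID_B, ID_M))
    # A and B hold secrets matching their identifiers: both sides get the same y.
    print("A <-> B:", run_exchange(ID_A, S_A, ID_B, S_B))
    # M holds S_M but claims ID_A: the two sides compute different values.
    print("M as A :", run_exchange(ID_A, S_M, ID_B, S_B, 17, 29))
```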

A master key corresponds to Sj in 2) and a work key corresponds to y in 3). Thus, 
Sj in 2) is distributed in advance to each user and the processing/communications in 3) 
corresponds to encryption/authentication communications concerning a key whereas the 
communication in 4) corresponds to encryption communications concerning data. 
Further, the user A and the user B correspond to the sender and the recipient in Fig. 5 
respectively. In the following explanation, it is assumed that each terminal in Fig. 5 
comprises a known ID-based key sharing means in addition to the means of the 
embodiment 1 (the aforementioned Sj is normally managed by the ID-based key sharing 
means). 

First, when the user A conducts encryption/authentication communications with 
the user B, the user A first negotiates with the network over QOS by means of the 
embodiment 1 on the assumption that K is 2 and establishes a connection of a high 
quality QOS with the user B. Upon setting up the connection, the user A performs the 
processing/communications set forth in 3) with the user B by using the known ID-based
key sharing means, whereby the user A and the user B share their respective work key y 
and temporarily terminate the connection. Subsequently, the user A negotiates again with 
the network over QOS on the assumption that this time, K is 1 and establishes a 
connection with the user B, which connection has QOS lower than the QOS for K being 2. 
Using the thus established connection, the user A conducts encryption communications 
with the user B by means of the work key y. 

Next, a case where in connectionless mode communication service, a master key
is shared in advance by the sender and the recipient and is stored in their respective key 
management means whereas as a work key, a random number generated by the sender's 
random number generator is used as it is, will be studied below. In this case, each 
terminal in Fig. 5 comprises the means of the embodiment 2. 

In order for the sender to encrypt data with a work key and send the encrypted 
data to the recipient, the sender first retrieves from the key management means a master 
key shared with the recipient, encrypts a work key, which is an output from the random 
number generator, with the retrieved master key to form a PDU together with its layer 
information, retrieves high quality QOS corresponding to the layer from the QOS 
memory means, appends the QOS to the PDU, turns the data into ATM cells and 
transmits the cells to the recipient. Further, the sender encrypts the data by using the 
random number as a work key to form a PDU together with the layer information, 
retrieves QOS corresponding to the layer, which is lower than the aforementioned high 
quality QOS from the QOS memory means, appends the QOS to the PDU, turns it into 
ATM cells and sends the cells to the recipient. 

The recipient identifies, from the PDU in the form of ATM cells, encrypted 
information, layer information, sender, encryption number, whether encryption was 
conducted or not, etc. In this context, the encryption number represents information used 
to associate a work key with data encrypted with the work key. Thus, the recipient 
determines, from layer information and whether encryption was conducted, if information 
was encrypted by the master key, etc., and if it transpires that it was encrypted with the 
master key, the shared master key is retrieved from the sender information. Further, the 
recipient deciphers the encrypted information by using the retrieved master key and 
stores the deciphered information as a work key together with the encryption number in 
the key memory means. If the PDU belongs to a low layer, a work key having the same 
encryption number is retrieved from the key memory means and the encrypted 
information is deciphered by using the retrieved work key as a key, whereby the recipient 
obtains the data sent from the sender. 
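
The sender and recipient processing described above for the connectionless mode, as an added Python example (not code from the patent). The header layout, the two QOS values, the HMAC-SHA256 keystream used in place of the "known encryption processing means" and all names are assumptions made for illustration; the `deliver` helper simulates lost PDUs to show why the master-key layer is given the better QOS.

```python
# Added example: master-key and work-key PDUs tagged with per-layer QOS.
import hashlib
import hmac
import secrets
import struct

MASTER_LAYER, WORK_LAYER = 2, 1
# Layer -> 4-bit QOS value (the "QOS memory means"). Constructed values:
# a larger number stands for a better class, e.g. a lower cell loss rate.
QOS_TABLE = {MASTER_LAYER: 0xF, WORK_LAYER: 0x4}
# Hypothetical header, not the CLNAP format of Fig. 9:
# layer, QOS, sender id, encryption number, sequence number.
HEADER = struct.Struct(">BBHHH")

def _crypt(key, nonce, data):
    """Stand-in cipher (HMAC-SHA256 keystream XOR); gives no integrity protection."""
    stream = b"".join(
        hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
        for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, stream))

def build_pdu(layer, sender_id, enc_no, seq, key, payload):
    """Encrypt payload and prepend a header carrying the QOS stored for its layer."""
    header = HEADER.pack(layer, QOS_TABLE[layer] & 0x0F, sender_id, enc_no, seq)
    return header + _crypt(key, header, payload)   # header doubles as the nonce

def send_message(sender_id, enc_no, master_key, chunks):
    """Return one master-layer PDU carrying the work key, then one data PDU per chunk.

    enc_no must not repeat under one master key, or the keystream repeats.
    """
    work_key = secrets.token_bytes(32)             # random number used as the work key
    pdus = [build_pdu(MASTER_LAYER, sender_id, enc_no, 0, master_key, work_key)]
    pdus += [build_pdu(WORK_LAYER, sender_id, enc_no, seq, work_key, chunk)
             for seq, chunk in enumerate(chunks, 1)]
    return pdus

class Recipient:
    def __init__(self, master_keys):
        self.key_management = dict(master_keys)    # sender id -> shared master key
        self.key_memory = {}                       # (sender id, encryption number) -> work key

    def receive(self, pdu):
        """Return decrypted data for a work-layer PDU, or None after storing a work key."""
        layer, _qos, sender_id, enc_no, _seq = HEADER.unpack_from(pdu)
        header, body = pdu[:HEADER.size], pdu[HEADER.size:]
        if layer == MASTER_LAYER:
            master_key = self.key_management[sender_id]
            self.key_memory[(sender_id, enc_no)] = _crypt(master_key, header, body)
            return None
        work_key = self.key_memory.get((sender_id, enc_no))
        if work_key is None:
            raise LookupError("no work key stored for this encryption number")
        return _crypt(work_key, header, body)

def deliver(recipient, pdus, lost=()):
    """Feed PDUs to the recipient, skipping indexes in lost (simulated cell loss).

    Returns (recovered data chunks, number of PDUs that could not be decrypted).
    """
    recovered, undecryptable = [], 0
    for index, pdu in enumerate(pdus):
        if index in lost:
            continue
        try:
            data = recipient.receive(pdu)
        except LookupError:
            undecryptable += 1
            continue
        if data is not None:
            recovered.append(data)
    return recovered, undecryptable

if __name__ == "__main__":
    master = bytes(range(32))                      # constructed master key
    pdus = send_message(7, 1, master, [b"frame-1", b"frame-2", b"frame-3"])
    print(deliver(Recipient({7: master}), pdus, lost={2}))   # one data PDU lost
    print(deliver(Recipient({7: master}), pdus, lost={0}))   # key PDU lost
```

Losing a single data PDU costs only that chunk, whereas losing the master-layer PDU leaves every data PDU with the same encryption number undecryptable.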

As is mentioned above, the communication system in Fig. 5 is applicable to 
communications concerning various keys and data. 

Although the above example is provided simply for the sake of ready explanation, 
it should be obvious to those engaged in the art that the same communication system as 
mentioned above can be implemented if the means of the embodiment 1 and embodiment 
2 are exterior to the means of the embodiment 3 instead of being incorporated in the 
terminals of the embodiment 3 or if the construct in Fig. 6 is multi-layered or if a key 
sharing system other than the ID-based key sharing system by Okamoto is employed or if 
the connection-type communications and the connectionless-type communications co- 
exist, etc. It should be also obvious that the present embodiment is also effective when a 
sender, recipient and center station conduct encryption/authentication communications 
having the layered construct shown in Fig. 4 with one of the terminals in Fig. 5 being 
used as the center station. 

[Other embodiment]

Although QOS is used to implement communications commensurate with 
significance of information in the above embodiments, the present invention embraces 
any means for realizing different communications according to significance of 
information other than QOS. Thus, it should be obvious that if means other than QOS is 
employed, the present communications can be still readily implemented by replacing the 
QOS in Figs. 1-4 with the other means.

Further, in the present invention, a system for performing the aforementioned
processing and a communication terminal may be separate or combined. 

Still further, the object of the present invention can be also achieved if a storage 
medium storing a program code of software for performing the functions of each of the 
above embodiments is provided to a system or a unit and a computer (or a CPU or MPU) 
of the system or unit reads out the program code stored in the storage medium and 
executes the same. 

In this case, the program code per se read out of the storage medium performs the 
functions of the above embodiments and the storage medium storing the program code 
constitutes the present invention. 

As a storage medium for supplying a program code, a floppy disk, hard disk,
optical disk, optical magnetic disk, CD-ROM, CD-R, magnetic tape, nonvolatile memory 
card, ROM, etc. may be employed. 

It should be also obvious that by executing a program code read out by a computer,
not only are the functions of the aforementioned embodiments performed but also an OS 
(operating system) operating on a computer conducts a part of or all of actual processing, 
whereby the said functions of the embodiments are performed. 

Still further, after the program code read out of the storage medium is written to a 
function extension board inserted in the computer or memory of a function extension unit 
connected to the computer, based on the instruction of the program code, a CPU, etc. of 
the function extension board or function extension unit performs a part of or all of actual 
processing, whereby said functions of the embodiments are performed. 

[Effect of the invention] 

As is explained above, according to the present invention, communications 
commensurate with significance of information can be realized. Particularly, 
communications having communication quality commensurate with a level of a layer of a 
key used in encryption can be realized. 

[Brief explanation of the drawings] 

Fig. 1 is a flow chart describing a processing procedure concerning the 
embodiment of the present invention. 

Fig. 2 is a conceptual diagram showing a constitution of processing performed in 
the embodiment. 

Fig. 3 is a conceptual diagram showing a constitution of the transmission side in 
the embodiment 2. 

Fig. 4 is a conceptual diagram showing a constitution of the receiving side in the 
embodiment 3. 

Fig. 5 is an illustration showing a constitution of a communication system in the 
embodiment 3. 

Fig. 6 is a conceptual diagram of layer encryption. 

Fig. 7 is an illustration showing protocol layers of the present embodiment. 

Fig. 8 is an illustration of an example of a constitution of a protocol for 
connectionless communications in the embodiment 2. 

Fig. 9 shows a PDU format in the embodiment 2. 